security/wolfssl: Update to 5.9.2
Changes since 5.9.1:
To download the release bundle of wolfSSL visit the download page at
www.wolfssl.com/download/
PR stands for Pull Request, and PR references a GitHub pull request
number where the code change was added.
NOTE: The pre-standardization Dilithium API has been renamed to its
FIPS 204 ML-DSA name; the legacy dilithium.h header and
wc_dilithium_* names remain available through a temporary
compatibility shim.
NOTE: The SLH-DSA Hash sign/verify APIs now require a caller-supplied
pre-hashed digest rather than the raw message (see Enhancements
below).
NOTE: liboqs integrations for ML-KEM, ML-DSA, and SLH-DSA (SPHINCS+)
have been removed in favor of the native implementations; the
[847 lines not shown]
mips: NMI handler must also clear STATUS.ERL
STATUS.ERL may be set in addition to STATUS.EXL and STATUS.NMI
when entering the NMI handler.
Clearing only EXL and NMI leaves the CPU in error level.
Reviewed by skrll@
mips: avoid redundant STATUS write in _splraise
The previous test only short-circuited when the requested IPL was
strictly less than the current IPL. When newipl == curipl,
short-circuit as well.
Reviewed by skrll@
Pull up following revision(s) (requested by martin in ticket #344):
usr.sbin/sysinst/Makefile.inc: revision 1.55
usr.sbin/sysinst/configmenu.c: revision 1.26
usr.sbin/sysinst/defs.h: revision 1.97
usr.sbin/sysinst/main.c: revision 1.38
usr.sbin/sysinst/menus.mi: revision 1.32-1.33
usr.sbin/sysinst/net.c: revision 1.48
Do not remove support for https neither at compile time (SMALLPROG)
nor at runtime (no SSL trust anchors available).
Instead dynamically disable the https option when it won't work, but
fully support it later (after unpacking the base set) when downloading
stuff for binary pkgs or pkgsrc.
--
#ifdef remove_menu_options() like all its callers to avoid stupid
compiler warnings.
debug/shl.mi: Cull obsolete linkable shlibs and explain why.
This is not a _good_ system but it's the system we have:
PR misc/57581: set lists should have a way to obsolete shlibs in
DESTDIR but not in postinstall
t_mbrtowc: Mark UTF-8 test cases xfail.
mbrtowc previously failed to reject invalid (legacy 5/6-byte) UTF-8,
so it accepted this test case. Now it rejects this test case,
because the test case itself is broken.
Need to split this test up into:
1. correctly decoding the valid inputs
2. correctly rejecting the invalid inputs
But for now marking the test case xfail is an adequate approximation
to the more complicated truth.
PR lib/60369: mbrtowc, mbrlen have wrong return value for some
invalid byte sequences: Invalid sequence
resterm: Update to 0.44.3
resterm 0.44.3
This release is all about the status bar - more color control, clearer icons and small labels improvements.
Test outcomes now have their own statusbar palette, separate from request status blocks. You can theme each result independently:
[status_bar.tests_pass]
foreground = "#ecfeff"
background = "#0e7490"
[status_bar.tests_fail]
foreground = "#fff1f2"
background = "#be123c"
[status_bar.tests_error]
foreground = "#faf5ff"
background = "#7e22ce"
Minimized panes now show up in the status bar tinted to match their pane border color and new icon.
The focus segment now has per pane icons - Files, Requests, Editor and Response
Status text now uses the request's name as its label when one is defined, falling back to the URL otherwise.
Small rewording to status messages, e.g. Using environment: dev and Theme unavailable: <name>.
Old debug libraries get listed as obsolete so they get removed
So add back (but marked obsolete) libexpat.so.2.6.debug (even if it
was present for just a fortnight).
Do not remove support for https neither at compile time (SMALLPROG)
nor at runtime (no SSL trust anchors available).
Instead dynamically disable the https option when it won't work, but
fully support it later (after unpacking the base set) when downloading
stuff for binary pkgs or pkgsrc.
gotosocial: Update to 0.21.3
This release includes serious security fixes.
Changes:
- Update upstream git repository to their new home on
Codeberg.
- Golang compiler tags and linker flags adapted from
GoToSocial build.sh script, with pkgsrc supported
platforms in mind.
- Remove Golang version pinning to 1.24, 1.26 is good now.
- Update post-install actions to mimic GoToTocial own
binary releases available on Codeberg.
- Remove a Windows specific patch (as far as I know it
doesn't build on this OS anyway).
[12 lines not shown]